Default Reflected XSS Vulnerability
危険度: 中
CVE識別番号: CVE-2011-1897,MS11-079
情報公開日: 7 21, 2015
概要
Cross-site scripting (XSS) vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Default Reflected XSS Vulnerability."
トレンドマイクロの対策
Please apply DPI Rule 'Generic Cross Site Scripting(XSS) Prevention' and add the port of Microsoft Forefront Unified Access Gateway (UAG) server (Default 50002/TCP) in the Application Type 'Web Application Common' .
対応方法
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
影響を受けるソフトウェア
- microsoft forefront_unified_access_gateway 2010